EUVD-2019-14881

Malware in sbrugna...

CVE-2019-5276

Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222C00E220R2P1 have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network LAN to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal...

GHSA-2G86-R6W2-WQQR Use of Hard-coded Credentials in Nacos

An Access Control vulnerability exists in Nacos 2.0.3 in the access prompt page; enter username and password, click on login to capture packets and then change the returned package, which lets a malicious user login...

Homework Help App Has Logic Flaw Vulnerability

Homework Help APP is a mobile learning platform for primary and secondary school students nationwide. There is a logic flaw vulnerability in Homework Help APP. Attackers can use proxy tools to tamper with packets to hijack the upgrade verification link to induce users to install it...

CVE-2019-5276

Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222C00E220R2P1 have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network LAN to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal...

CVE-2019-5276

Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222C00E220R2P1 have a buffer overflow vulnerability. An attacker may intercept and tamper with the packet in the local area network LAN to exploit this vulnerability. Successful exploitation may cause the affected phone abnormal...

Traffic bank app has information leakage vulnerability

Traffic Bank App is a traffic management and trading platform software. Traffic Bank APP has information leakage vulnerability. Attackers tamper with packets by grabbing packets to obtain other users' information...

Xunlei Download Software Upgrade Process Has Arbitrary File Download Vulnerability

Thunderbolt download is free download software based on multi-resource hyperthreading. Xunlei download software in the process of upgrading the arbitrary file download vulnerability, due to the use of insecure HTTP communication protocol to interact with the server, the attacker can take advantag...

Multiple Vulnerabilities in the Remember the News App

Remember the news app is a real-name authentication social software. There are arbitrary user registration and arbitrary user password reset vulnerabilities in JWAPP. An attacker can register any account and reset any password by grabbing packets and modifying them...

Vulnerability in the Employment Service Management System of Beijing Rongzhi Chuangxiang Information Technology Co.

The Employment Service Management System is an information interaction system for students, companies, faculty counselors, the Career Center, and their employers. An unauthorized access vulnerability exists in the Employment Service Management System of Beijing Rongzhi Chuangxiang Information...

Microtransit EV Android App Has Logic Design Flaws

Microbus EV APP is a car time-share rental service software. Microtransit EV Android APP has a logical design vulnerability, the attacker logs into the system by grabbing packets to modify the user ID, logs into any account, and also performs unauthorized operations, such as funds consumption...

CVE-2012-4114

The fabric-interconnect KVM module in Cisco Unified Computing System UCS does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network or modify this traffic by inserting packets into the client-server data stream, aka Bug ID CSCtr72949...